From 3aee45351c1c5584da3864635b0cfa25225ff3dc Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?=
Date: Fri, 18 Nov 2022 10:41:54 +0100
Subject: [PATCH] Fix downgrade prevention in PackageValidationArchive

This regressed in 5590bc1425b03e1f8d91610b7d3c52ccccb7d338, because `PackageArchive::isValidUpdate()` checked not just the existence of the instructions, but also the version numbers. In practice this regression is only visible for wildcard update instructions, because otherwise a valid instruction will simply not exist.
---
 .../PackageValidationArchive.class.php | 28 +++++++++----------
 1 file changed, 13 insertions(+), 15 deletions(-)

diff --git a/wcfsetup/install/files/lib/system/package/validation/PackageValidationArchive.class.php b/wcfsetup/install/files/lib/system/package/validation/PackageValidationArchive.class.php
index 88556b49ee..12d87cc07d 100644
--- a/wcfsetup/install/files/lib/system/package/validation/PackageValidationArchive.class.php
+++ b/wcfsetup/install/files/lib/system/package/validation/PackageValidationArchive.class.php
@@ -233,23 +233,21 @@ final class PackageValidationArchive implements \RecursiveIterator
 }
 } else {
 // package is already installed, check update path
+ $deliveredPackageVersion = $this->archive->getPackageInfo('version');
+ if (Package::compareVersion($package->packageVersion, $deliveredPackageVersion, '>=')) {
+ throw new PackageValidationException(PackageValidationException::ALREADY_INSTALLED, [
+ 'packageName' => $package->packageName,
+ 'packageVersion' => $package->packageVersion,
+ ]);
+ }
+
 $instructions = $this->archive->getUpdateInstructionsFor($package->packageVersion);
 if ($instructions === null) {
- $deliveredPackageVersion = $this->archive->getPackageInfo('version');
-
- // check if the package is already installed with the same exact version
- if ($package->packageVersion === $deliveredPackageVersion) {
- throw new PackageValidationException(PackageValidationException::ALREADY_INSTALLED, [
- 'packageName' => $package->packageName,
- 'packageVersion' => $package->packageVersion,
- ]);
- } else {
- throw new PackageValidationException(PackageValidationException::NO_UPDATE_PATH, [
- 'packageName' => $package->packageName,
- 'packageVersion' => $package->packageVersion,
- 'deliveredPackageVersion' => $deliveredPackageVersion,
- ]);
- }
+ throw new PackageValidationException(PackageValidationException::NO_UPDATE_PATH, [
+ 'packageName' => $package->packageName,
+ 'packageVersion' => $package->packageVersion,
+ 'deliveredPackageVersion' => $deliveredPackageVersion,
+ ]);
 }
 
 if ($validationMode === PackageValidationManager::VALIDATION_RECURSIVE) {
-- 
2.20.1
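Review bot: The new `>=` guard rejects an archive older than the installed version with the same `ALREADY_INSTALLED` code and details as a re-upload of the identical version, so a refused downgrade cannot be told apart from a harmless duplicate in the resulting error. Adding `'deliveredPackageVersion' => $deliveredPackageVersion,` to that details array, as the `NO_UPDATE_PATH` branch already does, would keep the attempted rollback visible to whoever reads the failure; whether the message for this code renders the extra key is not visible in the hunk. The guard also lost the explanatory comment the old branch had, and its position is what fixes the regression, so I would add `// must run before the instruction lookup: per the regression, a wildcard update instruction also matches an installed version that is newer than the archive`. The enclosing method starts and ends outside the hunk.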